At 10:28 -0800 4/2/99, David A. Ranch wrote:
>>But wouldn't the routing be set up to be:
>>
>>+-------+ server requests +-------+
>>| Modem | ----------------> | ppp0 |
>>+-------+ | | |
>>+-------+ | V |
>>| Cable | <---------------> | eth1 |
>>| Modem | | ^ |
>>+-------+ | | |
>> | V | +-----------+
>> | eth0 | <---> | Local Net |
>> +-------+ +-----------+
>>
>[...snip...]
>Right.. the destination address would get the packet back to the source
>but my issue is that the SOURCE address of the ACK would NOT be ppp0's
>IP but ETH1.
Actually, if the packets are for an HTTP connection (or FTP, whatever)
initiated from the workstation, the workstation's endpoint for this
connection is probably ppp0's IP. The routing of packets back in via the
Cable modem is just that, routing. The ISP's routing tables presumably have
the cable modem as the route 'to' the ppp0 IP, while the workstation has
ppp0 as the route 'to' the outside world.
In this instance, the packets coming 'in' are probably addressed to ppp0's
IP and get acked (with that 'from' address) by packets routed out the PPP
link.
I suppose it's even possible that the eth1 address might be used for
routing only and not advertised, so that no incoming packets would ever
arrive targeted for the eth1's IP address as an endpoint. It might only be
possible for incoming connections to be addressed to the ppp0 IP, routed
via eth1. This is just theory, but it's based on how networking works.
The opposite seems unlikely, i.e. that the 'advertised' IP for the
workstation is eth1's IP, and ppp0's IP is just the workstation's route to
the outside. The thing is, if a program on the workstation goes to build a
socket to talk to the outside world, it's going to want to build that
socket with ppp0's IP, since that's the only way it knows to get to the
outside world. It would be doable by the ISP using masquerading, of course.
But we all know of the complications with protocols which duplicate IP
address info in their data streams, so that would be a risky way to do it,
lots of stuff wouldn't work.
Further, I would think that only INCOMING connections can be established
with the IP address of eth1, given that the only outgoing route is via ppp0.
--
Mike Casteel
[EMAIL PROTECTED] Seattle, WA
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
http://tiffany.indyramp.com/mailman/listinfo/masq
Admin requests can be handled by web (above) or [EMAIL PROTECTED]
